Uncovering the Latest Mobile Threats with Check Point Research

If there is one thing that 2020 has taught us so far in the IT space, is that organizations need to be prepared to go fully remote and mobile at any given time. And this new paradigm has also shifted hackers attention to the remote endpoints, leaving unprepared organizations exposed to mobile endpoint attacks.

In the past few months, Check Point Researchers have seen an enormous rise in the number of mobile attacks and data breaches happening from the mobile endpoint. They have uncovered Coronavirus-related malicious campaigns, sophisticated mobile ransomware attacks, and even Mobile Device Management (MDM) getting weaponized to attack organizations.

First seen in the wild: MDM used to distribute malware

Check Point researchers recently discovered a new Cerberus variant targeting a multinational conglomerate. The shocking news are that the malware was distributed via the company’s Mobile Device Management (MDM) server, and it infected over 75% of the company’s devices. MDM’s most prominent feature, arguably the reason for its existence, is also its core weakness: a single, central control for the entire mobile network. If that platform is breached, so is the entire mobile network.

We invite you to join our upcoming webinar with Check Point Research “Mobile Threats to the Enterprise in 2020” on May 26th to see first-hand from the experts how these malicious campaigns were initially discovered, and how SandBlast Mobile can protect against them. 9:00 AM London time | 9:00 AM PST

Coronavirus-related mobile malware

It should come to no one’s surprise that malicious actors would exploit the massive media attention and people’s fears to COVID-19 to spread mobile malware to steal users’ data or generate fraudulent revenue from premium-rate services. Check Point’s researchers discovered 16 different malicious apps, all masquerading as legitimate coronavirus apps, which contained a range of malware, such as Mobile Remote Access Trojans (MRATs), Banker Trojans, and Premium Dialers. Hackers succeeded to do so by tricking users into downloading apps that claim to offer Coronavirus-related information and help for users.

Ransomware goes mobile

While ransomware has only started taking its first steps in the mobile world, it is evolving fast as malicious actors apply their experience on network and endpoint ransomware to create mobile variants. An example is the ‘Black Rose Lucy’ malware family, originally discovered in September 2018 by Check Point. And now, nearly two years later, it is back with new ransomware capabilities that allow it to take control of victims’ devices to make various changes and install new malicious applications.

Want to learn more?

Register now to our webinar on May 26th with Check Point Research to learn first-hand from the experts: